IE20140024A1 - Web application protection system with transaction signing using near field communication (NFC) capable devices - Google Patents

Web application protection system with transaction signing using near field communication (NFC) capable devices

Info

Publication number
IE20140024A1
Authority
IE
Ireland
Prior art keywords
web
transaction
application
user
near field
Application number
IE20140024A
Inventor
Guru Prasad Mandyam
Original Assignee
Guru Prasad Mandyam

Abstract

The present invention relates to web application security for preventing fraudulent activity. In particular, the invention provides a way to positively authenticate a web application or web site user who is trying to access resources on a web application or web server, using a Near Field Communication (NFC) capable device. The advantage of the system is that it provides non-invasive, pluggable, module-based second-device authentication for existing web applications or web sites, with or without changes to the current environment, depending on customer requirements. The method not only provides a high level of security but also eliminates false positives, which are expensive and time-consuming for organizations.

Description

Web application Protection System with Transaction Signing using Near Field Communication (NFC) capable devices.
Field of Invention
The present invention relates to web application security in World Wide Web based applications, hand-held devices and mobile devices.
Background to the invention
World Wide Web (WWW) based applications, which work over the internet, provide a wide range of functionality and facilities to users all over the world. The nature of the internet allows any user with a suitable application, such as a web browser, to access applications that deliver useful functionality such as email, online banking, information storage and retrieval, and content delivery, to name a few. However, this same open nature of the internet has also created opportunities for hackers, fraudsters and other types of criminals, who take advantage of the open nature of internet based applications. The invention provides a method to add an additional layer of security that positively identifies the end user to the web based internet application using near field communication devices, such as Near Field Communications (NFC) and Bluetooth.
Summary of the invention
The invention provides a means of second-device authentication for existing web applications. The invention is composed of a system for improving web based application security by introducing approval from a second device, such as a mobile device. The invention replaces the complex transaction signing process with a simple and non-invasive process which is not only more secure but also reliable. The invention also ensures that the mobile device is present at the point of the web transaction service provider system, such as a tablet computer or kiosk.
Description of Embodiment
Brief description of drawings
The invention is described in detail using the drawings provided in the following section. The embodiment includes examples showing a few ways of interfacing and representing the authentication process in detail.
1. Fig. 1 is a schematic representation of the web application and client architecture.
2. Fig. 2 is a schematic representation of the web application and client architecture with second device based authentication.
3. Fig. 3 is a schematic representation of the flow chart of the web page transaction signing request to a second device, such as a mobile device, using near field communication.
4. Fig. 4 is a schematic representation of the alternative flow chart of web page transaction signing using a second device, such as a mobile device, using near field communication.
5. Fig. 5 is a schematic representation of the alternative flow chart of authorizing a second device, such as a mobile device, using near field communication.
The invention is based on current web application access between a client, typically a web browser or another computer system, and a web application that provides the functionality to the user. Figure 1 shows the typical architecture of a current web application. The client 101 connects to the web application 103 over the internet and requests a resource, such as a log in page or account page. The web application 103, hosted at a secure site of the customer's choice, may contain network equipment such as firewalls, routers, application servers, web servers, mail servers, etc. Upon receiving the request from client 101, the web application 103 fetches or generates HTML content and sends it to the client via the internet 102. In this example, anyone with an appropriate browser can access the web page hosted by the web application 103.
The invention is shown in Fig 2 as a high level architecture block diagram. The client system, such as a client computer or web browser 201, connects to the web application 204 via the internet 202 and the web application security system 203. The mobile device 205 is a registered customer device which is uniquely identified by the server application. The web application security system 203 processes each request and parses responses from the web application, examining the request data and response content to identify tags inserted by the web application to get authorisation from the mobile device 205. The web application security system 203 also allows the web application 204 to configure, without inserting custom tags, which requests require authorisation from the mobile device 205.
The sequence diagram shown in Fig 3 describes the server message, 301, for web transaction authentication initiated by the user. The server starts the process of transaction signing using second device based authentication, 302. The transaction authentication device, 303, such as an ATM or Point-Of-Sale device, evaluates the transaction signing request from the server. If transaction signing is required, the transaction authentication device, 303, activates the Near Field Communications (NFC) reader, 304. The user swipes the mobile device, 305, near the NFC reader. The NFC reader, 304, transmits the transaction details to the mobile device, 305. Then the NFC reader, 306, exchanges the transaction details with the mobile device, 305. The user accepts the transaction by a preconfigured method, such as entering a PIN code or signing with a finger on the touch screen device, 307. The device sends the signed transaction to the server, 308. The ATM or Point-Of-Sale device, 309, sends the transaction to the server. The server, 310, receives the transaction confirmation independently from the ATM or Point-Of-Sale device and from the mobile device. If both match, the transaction is confirmed; otherwise, the transaction is rejected.
The sequence diagram shown in Fig 4 describes the server message, 401, for web transaction authentication initiated by the user. The server starts the process of transaction signing using second device based authentication, 402. The transaction authentication device, 403, such as an ATM or Point-Of-Sale device, evaluates the transaction signing request from the server. If transaction signing is required, the transaction authentication device, 403, activates the Near Field Communications (NFC) reader, 404. The server, 405, sends the transaction information to both the transaction authentication device, 406, such as an ATM or Point-Of-Sale device, and the mobile device, 407. The user accepts the transaction by a preconfigured method, such as entering a PIN code or signing with a finger on the touch screen device, 407. The device sends the signed transaction to the server, 408. The ATM or Point-Of-Sale device, 408, sends the transaction to the server. The server, 409, receives the transaction confirmation independently from the ATM or Point-Of-Sale device and from the mobile device. If both match, the transaction is confirmed; otherwise, the transaction is rejected.
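The server-side decision at the end of Figs 3 and 4 (confirm only when the terminal's report and the mobile device's signed report agree), as an added example that is not part of the patent text. The patent does not name a signature scheme or message format; HMAC-SHA256 with a per-device key, the JSON layout, the names `DEVICE_KEYS`, `sign_on_device` and `confirm`, and the replay check are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Assumption: each enrolled mobile device shares a secret key with the server.
DEVICE_KEYS = {"device-001": b"constructed-demo-key"}  # constructed sample value


def canonical(tx: dict) -> bytes:
    """Serialise transaction details deterministically so both channels compare equal."""
    return json.dumps(tx, sort_keys=True, separators=(",", ":")).encode()


def sign_on_device(device_id: str, tx: dict) -> dict:
    """Message the mobile app sends once the user has approved the transaction."""
    tag = hmac.new(DEVICE_KEYS[device_id], canonical(tx), hashlib.sha256).hexdigest()
    return {"device_id": device_id, "tx": tx, "sig": tag}


def confirm(terminal_tx: dict, device_msg: dict, seen_ids: set) -> str:
    """Server check: the ATM/POS report and the signed device report must match."""
    key = DEVICE_KEYS.get(device_msg.get("device_id"))
    if key is None:
        return "rejected: unknown device"
    expected = hmac.new(key, canonical(device_msg["tx"]), hashlib.sha256).hexdigest()
    supplied = str(device_msg.get("sig", ""))
    # Constant-time comparison avoids leaking how many signature bytes matched.
    if not hmac.compare_digest(expected.encode(), supplied.encode()):
        return "rejected: bad signature"
    if canonical(terminal_tx) != canonical(device_msg["tx"]):
        return "rejected: channel mismatch"
    # Added hardening (not in the patent): refuse a transaction id seen before.
    if terminal_tx["tx_id"] in seen_ids:
        return "rejected: replay"
    seen_ids.add(terminal_tx["tx_id"])
    return "confirmed"


if __name__ == "__main__":
    tx = {"tx_id": "T1", "amount": "25.00", "currency": "EUR", "terminal": "POS-7"}
    seen = set()
    print(confirm(tx, sign_on_device("device-001", tx), seen))
    print(confirm(dict(tx, amount="250.00"), sign_on_device("device-001", tx), seen))
```

Matching on the full canonical transaction rather than on an id alone is what lets the server catch a terminal that reports a different amount from the one the user approved on the phone.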
In the sequence diagram shown in Fig 5, the user installs the application on the mobile device, 501. The user opens the application installed on the mobile device, 501.
The application, 502, detects that the mobile device is not authenticated and initiates the authentication process. The application, 502, instructs the user to authenticate the mobile device using the transaction authentication device, such as an ATM or Point-Of-Sale device. When the user tries to validate the mobile device, the transaction authentication device, 503, activates its Near Field Communications (NFC) reader. The transaction authentication device, 503, instructs the user to swipe the mobile device near the NFC reader, 504. The NFC reader, 504, reads the user's mobile device, 505, and sends the mobile device identifier to the server, 506. The mobile device, 505, sends the confirmation token from the NFC reader, 504, to the server, 506. The server process, 507, consolidates the data sent by the NFC reader, 504, and the data received from the mobile device, 504. The server process, 507, sends confirmation to the transaction authentication device, such as an ATM or Point-Of-Sale device, 508. The transaction authentication device, 508, confirms the mobile device authorization to the mobile device, 509. The mobile device, 509, is now ready to accept and authorize web transactions as a valid authentication device.

Claims (7)

1. A system for improving web based application transaction security by introducing second device such as mobile device based approval using Near Field Communications (NFC).
2. The system of claim 1, interfaces in between the web based application and the transaction authentication device, such as an ATM or Point-Of-Sale device; the system will request authorisation from the second user device, such as a mobile device.
3. The system of claim 2, examines the request data from the client and forwards it to the web application only when approval comes from the user's second device.
4. The system of claim 1, interfaces in between the web based application and the transaction authentication device, such as an ATM or Point-Of-Sale device; the system will positively authenticate the mobile device.
5. The system of claim 1, interfaces in between the web based application and the transaction authentication device, such as an ATM or Point-Of-Sale device; the system will positively authenticate the application installed on the mobile device.
6. The system of claim 1, interfaces in between the web based application and the transaction authentication device, such as an ATM or Point-Of-Sale device; the system will positively authenticate the transaction from two independent sources.
7. The system of claim 1, interfaces in between the web based application and the end user, examines the request data from the user and replaces the request data with second device based data from the user, thereby providing secure data to the web server from two sources.
IE20140024A 2014-01-29 2014-01-29 Web application protection system with transaction signing using near field communication (NFC) capable devices IE20140024A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
IE20140024A IE20140024A1 (en) 2014-01-29 2014-01-29 Web application protection system with transaction signing using near field communication (NFC) capable devices

Publications (1)

Publication Number Publication Date
IE20140024A1 (en) 2015-07-29

Family

ID=53838239

Country Status (1)

Country Link
IE (1) IE20140024A1 (en)

Legal Events

Date Code Title Description
FC9A Application refused sect. 31(1)